package com.app.shop.config.security;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;

public class XAuthenticationProvider extends DaoAuthenticationProvider {

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        Object salt = null;
        if (getSaltSource() != null) {
            salt = getSaltSource().getSalt(userDetails);
        }
        if (authentication.getCredentials() == null) {
            logger.debug("Authentication failed: no credentials provided");
//            throw new BadCredentialsException("用户名或密码错误!");
            throw new ValidCodeErrorException("用户名或密码错误!");
        }
        String presentedPassword = authentication.getCredentials().toString();
        //此处进行密码加密校验
        if (!this.getPasswordEncoder().isPasswordValid(userDetails.getPassword(), presentedPassword, salt)) {
        logger.debug("Authentication failed: password does not match stored value");
//           throw new BadCredentialsException("用户名或密码错误!");
            throw new ValidCodeErrorException("用户名或密码错误!");
       }

    }
}